JailShell logs

tecwithquestion

• January 14, 2015 23:25

Hello I have noticed that user who have jail shell access, he can access 80% of server data. and this is very risky. Is there any way to prevent this ? or is there any way to copy all users commands execuated via jailshell to safe location so that he can not clear those ? in bash history it gets saved but user can remove / clear those entries

• 

  MilesWeb

  • January 15, 2015 05:38

  ]Hello I have noticed that user who have jail shell access, he can access 80% of server data. and this is very risky. Is there any way to prevent this ? or is there any way to copy all users commands execuated via jailshell to safe location so that he can not clear those ? in bash history it gets saved but user can remove / clear those entries

  
  Which files can be read with the jail shell access ? Could you confirm which files can be modified which are outside his account ?

  0
• 

  tecwithquestion

  • January 15, 2015 05:47

  many folders of servers

  0
• 

  MilesWeb

  • January 15, 2015 07:14

  ]many folders of servers

  
  Yes, you should be able to view them. However, if these folders have actual data, you won't have access to it. Kindly provide with any such folder under which you can view the files and read them.

  0
• 

  cPanelMichael

  • January 15, 2015 12:25

  Hello :) This is standard due to the nature of how the filesystem works on Linux. Note that while you may be able to view some directories outside of /home, all account-specific data should be restricted. Additional documentation is available at: VirtFS (Jailed Shell) Thank you.

  0
• 

  tecwithquestion

  • January 15, 2015 13:40

  Okay. I will look for it. how can I get the jailshell lock for user for which jailshell is enabled. can I make copy of his history file somewhere on server ? home/user/.bash.history is not good file. He can clean that file (if he is having good exp on linux)

  0
• 

  cPanelMichael

  • January 15, 2015 13:49

  Could you elaborate further on the "jailshell lock" reference? As for the second question, there's a thread on that here: Prevent users from editing bash history Thank you.

  0
• 

  tecwithquestion

  • January 15, 2015 16:47

  ]Could you elaborate further on the "jailshell lock" reference? As for the second question, there's a thread on that here: Prevent users from editing bash history Thank you.

  
  Sorry . I mean to say jailshell logs. I did typo error.

  0
• 

  cPanelMichael

  • January 15, 2015 16:53

  You can copy the .bash_history file through a cron job as mentioned in the thread from my previous post. Thank you.

  0

Please sign in to leave a comment.